Legal

Privacy Policy

Your health data is sensitive. We treat it that way.

Last updated: April 2026

Overview

GlyBeat ("we", "our", or "us") is committed to protecting your privacy, particularly with respect to your health data. This Privacy Policy explains how we collect, use, and protect your information when you use the GlyBeat application ("the App") and website at glybeat.com.

Health data is Special Category personal data under UK GDPR and EU GDPR. We apply the highest standards of care to it. We do not sell your personal data. We never will.

Data we collect

We collect only what is necessary to provide the App's features. This includes:

  • Account information: Your name and email address when you create an account or join our waitlist.
  • Health data (on-device): Glucose readings, food logs, medication records, exercise data, and HbA1c estimates. This data is stored locally on your device by default.
  • HealthKit data: With your explicit permission, the App reads glucose, steps, and activity data from Apple HealthKit. This data never leaves your device except as described in this policy.
  • AI conversation data: When you interact with Zen or Sage, message content is sent to Anthropic's API (Claude) to generate responses. Messages are not stored by GlyBeat beyond your device. Please review Anthropic's Privacy Policy.
  • Subscription data: Handled by RevenueCat and Apple's App Store. We do not store payment card details.
  • Usage analytics: Anonymous crash reports and usage data may be collected to improve the App. This data cannot identify you.

How we use your data

  • To provide and improve the features of the App
  • To personalise AI responses from Zen and Sage based on your health context
  • To send you service communications (e.g. when your subscription renews)
  • To send you the newsletter or waitlist updates you have opted into
  • To analyse anonymised usage patterns and improve the product

We will never use your health data for advertising purposes or sell it to third parties.

Data storage and security

Health data (glucose readings, food logs, medication records) is stored on your device only, using Apple's encrypted storage. It is not transmitted to GlyBeat's servers.

Your name and email address (if you create an account or join the waitlist) are stored securely on our servers using industry-standard encryption.

We use RevenueCat to manage subscriptions. Their privacy policy is available at revenuecat.com/privacy.

Third-party services

  • Anthropic (Claude API): Powers Zen and Sage AI features. Message content is processed by Anthropic. See their Privacy Policy.
  • Apple HealthKit: Used to read health data with your permission. Governed by Apple's privacy policy.
  • RevenueCat: Handles subscription management and billing.
  • Open Food Facts: Used for barcode food lookups. No personal data is sent.

Your rights (UK & EU GDPR)

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your personal data ("right to be forgotten")
  • Restrict or object to processing of your data
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, contact us at hello@glybeat.com. We will respond within 30 days.

Lawful basis for processing

We process your data under the following legal bases:

  • Explicit consent: For health data and AI interactions.
  • Contract performance: To provide the subscription service you have purchased.
  • Legitimate interests: For anonymous analytics to improve the product.

Children's privacy

GlyBeat is not intended for use by children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

Data retention

On-device health data is retained until you delete the App or clear its data. Email and account data is retained while your account is active and deleted within 30 days of a verified deletion request.

Medical disclaimer

GlyBeat is an informational tool, not a medical device. Nothing in the App constitutes medical advice, diagnosis, or treatment. All AI-generated content is for informational purposes only. Always consult a qualified healthcare professional before making decisions about your health, medications, or treatment.

GlyBeat is not regulated as a medical device by the MHRA, FDA, or any other regulatory body. It is classified as a general wellness app.

Terms of use

By using GlyBeat, you agree to use the App for lawful purposes only. You must not attempt to reverse-engineer, copy, or redistribute the App or its AI models. Subscription fees are non-refundable except where required by applicable law.

We reserve the right to update these terms at any time. Continued use of the App after notification of changes constitutes acceptance of the updated terms.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or in-app notification.

Contact

For privacy-related enquiries, data requests, or concerns, contact us at:

GlyBeat
Email: hello@glybeat.com
Website: glybeat.com